Skip to main content
Every request to the Vast.ai API requires an API key. The CLI stores your key locally and includes it automatically in every command. This page covers how to set up, verify, and manage API keys through the CLI.

Set Your API Key

After creating a key from the Keys page, store it locally: 
vastai set api-key YOUR_API_KEY
This writes the key to ~/.config/vastai/vast_api_key. All subsequent commands use it automatically.
You can also create keys programmatically via the API (Create API Key) or SDK (vast.create_api_key()).

Verify Your Key

Confirm your key works by fetching your account info: 
vastai show user
A successful response includes your user ID, email, and balance: 
{
  "id": 123456,
  "email": "you@example.com",
  "credit": 25.00,
  "ssh_key": "ssh-rsa AAAAB3..."
}
If you get an authentication error, double-check your API key. The most common causes are a typo, an expired key, or a scoped key that lacks the required permission for the command you’re running.

Create an API Key

You can create new keys from the CLI: 
vastai create api-key --name "ci-deploy-key"
The output includes the new key value. Copy it immediately — you will not be able to retrieve it again. To create a key with restricted permissions, pass a JSON permissions file: 
vastai create api-key --name "ci-deploy-key" --permission_file perms.json
See the Permissions page for the full permissions file format and examples.

View and Delete Keys

List all API keys on your account: 
vastai show api-keys
View a specific key’s details by ID: 
vastai show api-key 42
Delete a key: 
vastai delete api-key 42

Key Expiration

API keys do not expire by default. You can revoke a key at any time from the Keys page or with vastai delete api-key.
Treat your API key like a password. Do not commit keys to version control or share them in plaintext. If a key is compromised, revoke it immediately and create a new one.